Blame - classes/cluster/virtual-mcp11-aio-ssl/openstack/init.yml - salt-models/mcp-virtual-aio

blob: fd7df8d330bf2555d71a2cbe8b24f32be9c21f19 [file] [log] [blame]

Vasyl Saienko	3c6caf7	2018-03-06 01:51:48 +0200	[diff] [blame]	1	classes:
				2	- system.apache.server.site.cinder
				3	# Enable proxy for services that are not under apache and
				4	# do not use apache wsgi template
				5	- system.apache.server.proxy.openstack.designate
				6	- system.apache.server.proxy.openstack.glance
				7	- system.apache.server.proxy.openstack.heat
				8	- system.apache.server.proxy.openstack.neutron
				9	- system.apache.server.proxy.openstack.nova
				10	- system.apache.server.proxy.openstack.placement
				11	- cluster.virtual-mcp11-aio.openstack
				12	parameters:
				13	_param:
				14	cluster_public_protocol: https
				15	cluster_internal_protocol: https
				16	keystone_service_protocol: ${_param:cluster_internal_protocol}
				17	glance_service_protocol: ${_param:cluster_internal_protocol}
				18	nova_service_protocol: ${_param:cluster_internal_protocol}
				19	neutron_service_protocol: ${_param:cluster_internal_protocol}
				20	heat_service_protocol: ${_param:cluster_internal_protocol}
				21	cinder_service_protocol: ${_param:cluster_internal_protocol}
Vasyl Saienko	3c6caf7	2018-03-06 01:51:48 +0200	[diff] [blame]	22	designate_service_protocol: ${_param:cluster_internal_protocol}
				23	apache_proxy_ssl:
				24	enabled: true
				25	engine: salt
				26	authority: "${_param:salt_minion_ca_authority}"
				27	key_file: "/etc/ssl/private/internal_proxy.key"
				28	cert_file: "/etc/ssl/certs/internal_proxy.crt"
				29	chain_file: "/etc/ssl/certs/internal_proxy-with-chain.crt"
				30	apache_cinder_ssl: ${_param:apache_proxy_ssl}
				31	apache_keystone_ssl: ${_param:apache_proxy_ssl}
				32	apache_proxy_openstack_api_address: ${_param:cluster_public_host}
				33	apache_proxy_openstack_keystone_host: 127.0.0.1
				34	apache_proxy_openstack_nova_host: 127.0.0.1
				35	apache_proxy_openstack_glance_host: 127.0.0.1
				36	apache_proxy_openstack_neutron_host: 127.0.0.1
				37	apache_proxy_openstack_heat_host: 127.0.0.1
				38	apache_proxy_openstack_designate_host: 127.0.0.1
				39	apache_proxy_openstack_placement_host: 127.0.0.1
				40	apache_keystone_api_host: ${_param:single_address}
Vasyl Saienko	3c6caf7	2018-03-06 01:51:48 +0200	[diff] [blame]	41	neutron:
				42	server:
				43	bind:
				44	address: 127.0.0.1
				45	identity:
				46	protocol: https
				47	nova:
				48	controller:
				49	bind:
				50	private_address: 127.0.0.1
				51	identity:
				52	protocol: https
				53	network:
				54	protocol: https
				55	glance:
				56	protocol: https
				57	metadata:
				58	bind:
				59	address: ${_param:nova_service_host}
				60
				61	cinder:
				62	controller:
				63	identity:
				64	protocol: https
				65	glance:
				66	protocol: https
				67	horizon:
				68	server:
				69	secure: False
				70	identity:
				71	encryption: ssl
				72	designate:
				73	server:
				74	identity:
				75	protocol: https
				76	bind:
				77	api:
				78	address: 127.0.0.1
				79	glance:
				80	server:
				81	bind:
				82	address: 127.0.0.1
				83	identity:
				84	protocol: https
				85	registry:
				86	protocol: https
				87	heat:
				88	server:
				89	bind:
				90	api:
				91	address: 127.0.0.1
				92	api_cfn:
				93	address: 127.0.0.1
				94	api_cloudwatch:
				95	address: 127.0.0.1
				96	identity:
				97	protocol: https